Best Way to Start Your Own Security Consulting/ Penetration Testing Company


As soon as I saw the title of this thread and the name of the OP I came in here to do what MLF and Galdron have already done..

NetSecExpert: You are by no means an expert and I really haven't seen you display any knowledge that implies you have even the slightest idea about computers... much less security...

Considering all the laws regarding compliance and everything else I advise you against this... with the lack of knowledge you've displayed on this site you'll find yourself in a lawsuit... and it won't be pretty... While I would say that 36K may be a little much for a two week assessment (Then again I dunno what it entails) you are paying for the knowledge and experience that those pen testers have.... something that you are lacking...

Do yourself a favour and forget this idea.... stick around the site you may learn a thing or two but NetSecNewb is a better name for ya

Peace,
HT

IT Blog: .:Computer Defense:.
PnCHd (Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".

You guys on this site are harsh!!! If someone is new to the boards, you really are looking to rip them up, just because they haven't been a part of Antionline for 5 years and don't have a 1000 posts doesn't mean they don't know their ****. Is this a ritual when someone is new to the boards they go thru a phase of getting ripped up and then eventually they get a little respect. Nobody on these boards has any idea yet of my experience or background nor do I know of the people on the boards.

I did not come to this site to have to prove anything, I simply came on here to network with people in the field, learn from others experience, possibly help other people out in the field this was my reasoning behind joining the site.

To tell you the truth I have found a lot of valuable information on here, although whenever I seem to post something it turns the wrong way.

I may not have the most experience in the security field "5 years" but I have been a part of some good organizations and I do have some solid knowledge on many aspects of security and much to contribute.

So rip me up if you like or give me some time being on Antionline before flaming me to toast.

It's all good though, I am not the type of person to disrespect or flame anyone so I will not resort to that level and that is not why I came on to Antionline.

Just because someone is looking for advice on starting a business does it mean that you should be flamed for trying to better yourself and the community. Is this what Antionline is all about?

You guys are unbelievable!!! This site is meant to be helpful and to contribute and build the security industry not to put people down that are trying to move up in the field!!!!

As for competing with a company that charges 36K for 2 weeks work....you better be really good at what you do.

Say you are running a pentest\audit on an active system....and you crash the network or application....due to lack of experience

Personally...if I was security officer for a bank....I would get an experienced, well known company to run my security auditing...that way...if they muck anything up...they have the resources for the lawsuit

............not someone that can't run a network scan due to permission issues.

Look up the thread...why do we pentest....there you will find some real security professionals

ML 36k was the cheapest out of the 3 that I interviewed for the assignment.

NEC was 36k
Razorpoint was 57k
Gemini systems was 52K

Looking over these numbers I wish if it wasn't mandatory by the fed to have an outside company do the penetration testing. After this being my first time hiring an outside company to do this, it got me thinking, hey why not get some old coworkers and friends in the business and do it myself for other companies. Probably start out at small businesses, and charge 20k for two weeks. The reporting aspect of it is easy executive summary, technical summary and remediation details. Besides all the other things included rogue access point scanning, vulnerability scanning, firewall ruleset checking, dos attacks, enumeration, code checking for flaws, war dialing, social engineering, screenshots for all exploits, public info gathering on sites and ip address space reconciliation along with all the other stuff. I was thinking to do policy and procedure review on top of that.

I won't apologize... You've done nothing to display knowledge.. in fact your posts have displayed an ineptitude (hrm.. is that a word?) when it comes to IT and IT Security...

I wouldn't hire you based on what I've seen here... and I'm pretty sure you'll find yourself being sued based on advice you've given here... In fact if you were to give that same advice and charge for it... I guarantee you'd be sued...

So enjoy yourself... and remember to incorporate your company.. that way when they sue you they can't come after your personal assets..

BTW I just saw your post after MLF's last one... I see you know the buzz words... but really... you think some company wants you to DOS them?? How would you check the firewall rules? What would you use for vuln scanning? A Pentest is a lot more than just firing nessus and giving them the results... enumeration of what??? and how do you get to that point... Code Checking for Flaws.. What languages are you fluent in? War Dialing... Social Engineering... How do you plan to go about your social engineering.. what are your tactics???

"Screenshots for all exploits" wtf does that even mean... public info gathering on sites... who cares what's out there... it's there and I can't change it... I'm paying you to test my system security.. not punch my company name into google and hit print... IP Address space reconciliation... So now you want to do a full consulting overhaul of their network while pen testing??? I can see companies wanting that... So how would you setup the VLANs.. are you familiar with Cisco, Nortel, Juniper and Extreme???

For policy... how much do you know about policy writing and procedure writing... what you've googled in the last few days.... That's not going to fly... it's really not...

Peace,
HT


1. you think some company wants you to DOS them??
Companies obviously do not want you to give them a DOS attack and cause a business outage, but to check that their machines are protected from DOS attacks and that they can handle significant hits at the perimeter of their network by crafting different types of packets i.e. their routers and network devices.

2. How would you check the firewall rules?
I would check to make sure first off that everything was blocked ingress/egress filtered implicitly and only what needed to be allowed for the business would be opened.

3. What would you use for vuln scanning?
For vulnerability scanning, I would use retina initially then use Nessus to double verify the vulnerabilities that were found in the initial scan.

4. A Pentest is a lot more than just firing nessus and giving them the results...
Well of course a pentest is to give a company an overall idea of their security posture, what is vulnerable to attack internally and externally, what can be compromised, and how much of a business risk it is.

5. enumeration of what???
Network and Host enumeration to find out as much of a device as possible to be able to determine what type of attack it is vulnerable to.

6. and how do you get to that point...
not sure what you are talking about?

7. Code Checking for Flaws..
SQL injects, directory transversals, unicode attacks and etc. I could also verify the coding of the website itself and make sure it is not vulnerable to any security implications by the means of error handling, data validation & session management.

8. What languages are you fluent in?
Not a programmer, most of my experience is with networking/security and administration i.e. unix/linux, nortel/cisco, windows boxes.

9. War Dialing...
When I worked at Citigroup I did a lot of war dialing using phone sweep, trying to pick up on modems attached to the system.

10. Social Engineering... How do you plan to go about your social engineering.. what are your tactics???
If I was doing social engineering to test a company first thing I would do as an outsider would be to snoop around online and try to find out any names of managers or workers by any means, i.e. websites, jobsites, company website, then I would find out the company exchange numbers. After doing so I would call a few employees and tell them that I was a new employee in the IT department and I wanted to check and test out their email accounts. So then I would ask them for their email address so I can check it and then in the email back to me ask them for information, thus finding out more info from what they give and from the mail headers after they send me the email. From there I can go onto more from the information that, that person gave and maybe do a dossier lookup on the url for the IT dept. and get some more phone #s and personnel info. And the list is endless to how to trick employees to give confidential information.

"Screenshots for all exploits" wtf does that even mean...
What that means is proof that you can compromise a system, so they know they are really vulnerable and that you're not just BSing them with just doing vulnerability scans.

public info gathering on sites... who cares what's out there... it's there and I can't change it...
You should care that is how most people hack and social engineer a company by how much info they can gather and determine how your network is setup.

I'm paying you to test my system security.. not punch my company name into google and hit print... IP Address space reconciliation...
I've assessed a company before and they didn't even realize they had some public IP's they weren't even using and someone else took advantage of it.

So now you want to do a full consulting overhaul of their network while pen testing??? I can see companies wanting that... So how would you setup the VLANs.. are you familiar with Cisco, Nortel, Juniper and Extreme???
Yes, I am familiar, although not an expert I can setup cisco routers and switches.

For policy... how much do you know about policy writing and procedure writing... what you've googled in the last few days.... That's not going to fly... it's really not...
I've written many policies and procedures for where I am now and Citigroup.
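
The firewall check described in answer 2 above (implicit deny on ingress and egress, with only business-required traffic opened), as an added example that is not part of the original post. It assumes the ruleset is exported in `iptables-save` format; the sample ruleset is constructed, and `audit_ruleset` and `is_unrestricted_accept` are hypothetical helper names.

```python
import shlex

# Constructed sample in iptables-save format (not taken from the thread).
SAMPLE_RULESET = """\
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A INPUT -s 0.0.0.0/0 -j ACCEPT
-A OUTPUT -p tcp -m tcp --dport 53 -j ACCEPT
COMMIT
"""

# Options that narrow what a rule matches; an ACCEPT with none of them allows everything.
NARROWING = {"-s", "-d", "-p", "-i", "-o", "-m", "--dport", "--sport"}
ANY_ADDR = {"0.0.0.0/0", "::/0"}

def is_unrestricted_accept(tokens):
    """True when a rule jumps to ACCEPT without any effective match condition."""
    if "-j" not in tokens[:-1] or tokens[tokens.index("-j") + 1] != "ACCEPT":
        return False
    for i, tok in enumerate(tokens):
        if tok not in NARROWING:
            continue
        if tok in ("-s", "-d") and i + 1 < len(tokens) and tokens[i + 1] in ANY_ADDR:
            continue  # an "any" address looks specific but narrows nothing
        return False
    return True

def audit_ruleset(text):
    """Return (chain, finding) tuples for violations of a default-deny posture."""
    findings = []
    for line in text.splitlines():
        line = line.strip()
        if line.startswith(":"):
            # Chain header, e.g. ":INPUT DROP [0:0]"
            chain, policy = line[1:].split()[:2]
            if policy == "ACCEPT":
                findings.append((chain, "default policy ACCEPT"))
        elif line.startswith("-A "):
            tokens = shlex.split(line)
            if is_unrestricted_accept(tokens):
                findings.append((tokens[1], "unrestricted ACCEPT: " + line))
    return findings

if __name__ == "__main__":
    for chain, finding in audit_ruleset(SAMPLE_RULESET):
        print(chain, "-", finding)
```

On the constructed sample this flags the OUTPUT chain, which has no egress default deny, and the INPUT rule that accepts from any source.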